Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 530
Alerts This Week
Warning Icon 1 530

Fedora 23 FEDORA-2015-73cdd43bc0 Critical: Pax-Utils Syscall Enhancements

fedora
Calendar Grey December 9, 2015
Dist Fedora Esm H88
The recent Fedora Update Announcement for pax-utils highlights critical updates focusing on syscall whitelisting as well as enhancements to runtime efficiency.
Changes since 1.0.5: * security: whitelist the getcwd syscall * security: fix build on systems w/out si_syscall * security: whitelist the futex syscall * security: whitelist dup sy...

Summary

pax-utils is a small set of various PaX aware and related utilities for

ELF binaries. It was written for ELF Q/A on Gentoo systems but can be

used on any distro.

Update Information:

Changes since 1.0.5: * security: whitelist the getcwd syscall * security: fix build on systems w/out si_syscall * security: whitelist the futex syscall * security: whitelist dup syscalls * security: do not warn when seccomp is disabled in the kernel * security: whitelist fakeroot syscalls * security: add a debug handler for seccomp * security: clean up syscall ifdefs * security: use seccomp to lock ourselves down * security: lock down privs a bit via prctl * security: leverage namespaces to restrict the runtime a bit * lddtree.sh: fix interp handling when doing a full listing * lddtree.py: fix glob handling w/ld.so.conf * scanelf: fix memory leak with the -s option

Change Log

References


[ 1 ] Bug #1286232 - pax-utils-1.1.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1286232

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update pax-utils' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: pax-utils
Product: Fedora 23
Version: 1.1.4
Release: 1.fc23
Summary: PaX aware and related utilities for ELF binaries

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.